Vulnerability Description
A vulnerability was found in 3D City Database OGC Web Feature Service up to 5.2.0. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to xml external entity reference. Upgrading to version 5.2.1 is able to address this issue. The name of the patch is 246f4e2a97ad81491c00a7ed72ce5e7c7f75050a. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216215.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tum | Ogc Web Feature Service | < 5.2.1 |
Related Weaknesses (CWE)
References
- https://github.com/3dcitydb/web-feature-service/commit/246f4e2a97ad81491c00a7ed7PatchThird Party Advisory
- https://github.com/3dcitydb/web-feature-service/pull/12PatchThird Party Advisory
- https://github.com/3dcitydb/web-feature-service/releases/tag/v5.2.1PatchThird Party Advisory
- https://vuldb.com/?id.216215Third Party Advisory
- https://github.com/3dcitydb/web-feature-service/commit/246f4e2a97ad81491c00a7ed7PatchThird Party Advisory
- https://github.com/3dcitydb/web-feature-service/pull/12PatchThird Party Advisory
- https://github.com/3dcitydb/web-feature-service/releases/tag/v5.2.1PatchThird Party Advisory
- https://vuldb.com/?id.216215Third Party Advisory
FAQ
What is CVE-2022-4607?
CVE-2022-4607 is a vulnerability with a CVSS score of 5.5 (MEDIUM). A vulnerability was found in 3D City Database OGC Web Feature Service up to 5.2.0. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to xml external ...
How severe is CVE-2022-4607?
CVE-2022-4607 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-4607?
Check the references section above for vendor advisories and patch information. Affected products include: Tum Ogc Web Feature Service.